Re: [jose] Whether implementations must understand all JOSE header fields
Mike Jones <Michael.Jones@microsoft.com> Thu, 20 December 2012 02:12 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61BF721F858C for <jose@ietfa.amsl.com>; Wed, 19 Dec 2012 18:12:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.749
X-Spam-Level:
X-Spam-Status: No, score=-2.749 tagged_above=-999 required=5 tests=[AWL=-0.151, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I-tHxSPHuMVX for <jose@ietfa.amsl.com>; Wed, 19 Dec 2012 18:12:42 -0800 (PST)
Received: from NA01-BY2-obe.outbound.protection.outlook.com (na01-by2-obe.ptr.protection.outlook.com [207.46.100.31]) by ietfa.amsl.com (Postfix) with ESMTP id 99D7721F84DE for <jose@ietf.org>; Wed, 19 Dec 2012 18:12:42 -0800 (PST)
Received: from BY2FFO11FD007.protection.gbl (10.1.15.203) by BY2FFO11HUB032.protection.gbl (10.1.14.177) with Microsoft SMTP Server (TLS) id 15.0.586.12; Thu, 20 Dec 2012 02:12:40 +0000
Received: from TK5EX14MLTC103.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD007.mail.protection.outlook.com (10.1.14.128) with Microsoft SMTP Server (TLS) id 15.0.586.12 via Frontend Transport; Thu, 20 Dec 2012 02:12:40 +0000
Received: from TK5EX14MBXC283.redmond.corp.microsoft.com ([169.254.2.50]) by TK5EX14MLTC103.redmond.corp.microsoft.com ([157.54.79.174]) with mapi id 14.02.0318.003; Thu, 20 Dec 2012 02:12:03 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "Manger, James H" <James.H.Manger@team.telstra.com>, "jose@ietf.org" <jose@ietf.org>
Thread-Topic: [jose] Whether implementations must understand all JOSE header fields
Thread-Index: Ac3da4u39ZRiYSLMQBShe+M/5UR54QAALdFQAAH0xRAAByH0sAAkEbRAAApz+pAAAl46sAAAXPvwAABfavA=
Date: Thu, 20 Dec 2012 02:12:02 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436697B301@TK5EX14MBXC283.redmond.corp.microsoft.com>
References: <4E1F6AAD24975D4BA5B168042967394366968592@TK5EX14MBXC283.redmond.corp.microsoft.com> <255B9BB34FB7D647A506DC292726F6E115040898B5@WSMSG3153V.srv.dir.telstra.com> <4E1F6AAD24975D4BA5B16804296739436696ABC0@TK5EX14MBXC283.redmond.corp.microsoft.com> <255B9BB34FB7D647A506DC292726F6E115041F5FFC@WSMSG3153V.srv.dir.telstra.com> <4E1F6AAD24975D4BA5B168042967394366977627@TK5EX14MBXC283.redmond.corp.microsoft.com> <255B9BB34FB7D647A506DC292726F6E115042EDB0C@WSMSG3153V.srv.dir.telstra.com> <4E1F6AAD24975D4BA5B16804296739436697AEE2@TK5EX14MBXC283.redmond.corp.microsoft.com> <255B9BB34FB7D647A506DC292726F6E115042EDB85@WSMSG3153V.srv.dir.telstra.com>
In-Reply-To: <255B9BB34FB7D647A506DC292726F6E115042EDB85@WSMSG3153V.srv.dir.telstra.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.73]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739436697B301TK5EX14MBXC283r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(51704002)(377454001)(44976002)(74662001)(15202345001)(74502001)(47446002)(49866001)(31966008)(16236675001)(50986001)(51856001)(47976001)(4396001)(56816002)(47736001)(53806001)(77982001)(76482001)(59766001)(55846006)(5343655001)(16406001)(46102001)(5343635001)(512874001)(33656001)(54356001)(56776001)(54316002); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB032; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 07013D7479
Subject: Re: [jose] Whether implementations must understand all JOSE header fields
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Dec 2012 02:12:43 -0000
Fair enough, but I am also very confident that every implementation trying to use a compressed payload where it was expecting an uncompressed one would quickly notice the difference and then do what it takes to get their implementation fixed/updated. ☺ -- Mike From: Manger, James H [mailto:James.H.Manger@team.telstra.com] Sent: Wednesday, December 19, 2012 6:08 PM To: Mike Jones; jose@ietf.org Subject: RE: [jose] Whether implementations must understand all JOSE header fields > The prefix for “alg” values would have exactly the same property as adding a new header parameter. If the new alg value was not understood, the JWS would be useless to the receiver. I am very confident that every (reasonable) JOSE implementation will notice the “alg” value, ie fail-safe on an unrecognized “alg” value. > (Just as it would be useless if a new header value was used, if not understood.) I’m not sure why the former is any more usable than the latter. I have far far less confidence that every (reasonable) JOSE implementation will notice an unexpected field, particularly a known field in an unexpected context. -- James Manger Cheers, -- Mike From: Manger, James H [mailto:James.H.Manger@team.telstra.com] Sent: Wednesday, December 19, 2012 5:39 PM To: Mike Jones; jose@ietf.org<mailto:jose@ietf.org> Subject: RE: [jose] Whether implementations must understand all JOSE header fields > “zip” is a perfect example of indicating a change of semantics with the presence of a new field. The processing of a JWE without a “zip” field is different than the processing of it with one. An implementation must understand the field to use the resulting JWE. The same would be true of any JWS that used a “zip” extension. > > It would never be safe to ignore this field, whether defined as part of the base spec, or defined as an extension later. I agree. When I looked at a handful of publicly available JOSE implementations quite a while ago none enforced the “MUST understand everything” rule — so a zip-for-JWS extension would be dangerous for them. One implementation later added code to enforce the rule using one fixed list of all header fields defined in JW* — so a zip-for-JWS extension would be dangerous for that too. We know the “MUST understand everything” rule makes it hard to deploy non-critical extensions. It seems to me that the rule also makes it dangerous to deploy critical extensions. About the only safe way to define a critical extension will be to define a prefix for “alg” values (eg "alg": "zip;RSA1_5"). I hope that isn’t the most practical option we leave for anyone wanting to extend JOSE. -- James Manger
- [jose] Whether implementations must understand al… Mike Jones
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Axel.Nennker
- Re: [jose] Whether implementations must understan… Manger, James H
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Richard Barnes
- Re: [jose] Whether implementations must understan… Manger, James H
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Manger, James H
- Re: [jose] Whether implementations must understan… Dirkjan Ochtman
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Manger, James H
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Manger, James H
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Dirkjan Ochtman
- Re: [jose] Whether implementations must understan… Jim Schaad
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Jim Schaad
- Re: [jose] Whether implementations must understan… Jim Schaad
- Re: [jose] Whether implementations must understan… Mike Jones
- Re: [jose] Whether implementations must understan… Jim Schaad
- Re: [jose] Whether implementations must understan… Mike Jones